Re: Any way to NOT escape a percent sign using 'contains'?
Thanks for the advice. I was kinda thinking I would have to use regex.
I hadn't thought of puting the replace() in a custom cleaning method,
but I agree that sounds like a good place to put it.
On Fri, 2009-01-30 at 13:59 +1100, Malcolm Tredinnick wrote:
> On Thu, 2009-01-29 at 18:47 +, Adam Stein wrote:
> > According to the docs, when using 'contains' in filter() a percent sign
> > or underscore is automatically escaped. However, in my case I want the
> > resulting SQL to use the percent sign.
> >
> > I know 'contains' will fill in the outside percent signs, but it escapes
> > the percent sign in my string. So that calling:
> >
> > Entry.objects.filter(headline__contains='a%b')
> >
> > will result in:
> >
> > SELECT ... WHERE headline LIKE '%a\%b%';
>
> Because the "contains" lookup type is used to look for string
> containment, not as a proxy for SQL. We deliberately try to not leak the
> underlying SQL abstraction (the storage backend may not even be SQL,
> after all).
>
> >
> > but I want it to be this instead:
> >
> > SELECT ... WHERE headline LIKE '%a%b%';
> >
> > This there an easy way to do this?
> >
> > I could use regexp, but I didn't want people to know that they would
> > have to use "a.*b" instead of "a*b", just trying to make it simplier for
> > myself and the people using the system.
>
> Well, the regexp lookup type is for this purpose, so it's the right tool
> to use at the code level. The point about the user-interface is well
> taken, but it doesn't have to be a transparent pass-through. What I
> would suggest is converting your value by doing using
>
> value = value.replace('%', '.*')
>
> at some point. If these values are coming in through a form field, a
> custom cleaning method for the form field would be a nice level to this
> at, for example.
>
> Regards,
> Malcolm
>
>
>
> --
Adam Stein @ Xerox Corporation Email: a...@eng.mc.xerox.com
Disclaimer: Any/All views expressed
here have been proven to be my own. [http://www.csh.rit.edu/~adam/]
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---
Re: Any way to NOT escape a percent sign using 'contains'?
On Thu, 2009-01-29 at 18:47 +, Adam Stein wrote:
> According to the docs, when using 'contains' in filter() a percent sign
> or underscore is automatically escaped. However, in my case I want the
> resulting SQL to use the percent sign.
>
> I know 'contains' will fill in the outside percent signs, but it escapes
> the percent sign in my string. So that calling:
>
> Entry.objects.filter(headline__contains='a%b')
>
> will result in:
>
> SELECT ... WHERE headline LIKE '%a\%b%';
Because the "contains" lookup type is used to look for string
containment, not as a proxy for SQL. We deliberately try to not leak the
underlying SQL abstraction (the storage backend may not even be SQL,
after all).
>
> but I want it to be this instead:
>
> SELECT ... WHERE headline LIKE '%a%b%';
>
> This there an easy way to do this?
>
> I could use regexp, but I didn't want people to know that they would
> have to use "a.*b" instead of "a*b", just trying to make it simplier for
> myself and the people using the system.
Well, the regexp lookup type is for this purpose, so it's the right tool
to use at the code level. The point about the user-interface is well
taken, but it doesn't have to be a transparent pass-through. What I
would suggest is converting your value by doing using
value = value.replace('%', '.*')
at some point. If these values are coming in through a form field, a
custom cleaning method for the form field would be a nice level to this
at, for example.
Regards,
Malcolm
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---
Any way to NOT escape a percent sign using 'contains'?
According to the docs, when using 'contains' in filter() a percent sign or underscore is automatically escaped. However, in my case I want the resulting SQL to use the percent sign. I know 'contains' will fill in the outside percent signs, but it escapes the percent sign in my string. So that calling: Entry.objects.filter(headline__contains='a%b') will result in: SELECT ... WHERE headline LIKE '%a\%b%'; but I want it to be this instead: SELECT ... WHERE headline LIKE '%a%b%'; This there an easy way to do this? I could use regexp, but I didn't want people to know that they would have to use "a.*b" instead of "a*b", just trying to make it simplier for myself and the people using the system. -- Adam Stein @ Xerox Corporation Email: a...@eng.mc.xerox.com Disclaimer: Any/All views expressed here have been proven to be my own. [http://www.csh.rit.edu/~adam/] --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
